sparse-apartment-7198902/22/2022, 11:13 PM
policy enforcement in CI-CD... The docs talk about organization-wide enforcement of policy packs requiring an Enterprise subscription. However, it seems like a CI-CI pipeline could simply checkout the policy pack code into a folder in the checked-out Pulumi program and enforce the policies as one would when running locally. 1. Are there any restrictions from doing what I described in CI-CD with less-than Enterprise subscription? 2. Has any consideration been given to making the CrossGuard org-wide auto-enforcement feature an option for the other subscription tiers, perhaps with limits (e.g. no more than 100 policies at Team level) or for additional cost (e.g. US$1.00 per month per 100 policies) I’m going to be talking about and demoing CrossGuard at some conferences and honestly, it’s slightly annoying I can’t demo the full feature from a lower tier subscription (i.e. Team), even if it cost a little to do so. Instead, I’ll just have to hand wave around it and call out it’s only available with an Enterprise subscription at an unpublished-price.